This commit lets apps signal an incomplete write. When that happens,
stop sending out any more data to the app and wait for it to unthrottle
the port.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
The have_data() API to hand off guest data to apps using virtio-serial
so far assumed all the data was consumed. Relax this assumption.
Future commits will allow for incomplete writes.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
When the guest writes something to a host, we copied over the entire
buffer first into the host and then processed it. Do away with that, it
could result in a malicious guest causing a DoS on the host.
Reported-by: Paul Brook <paul@codesourcery.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Instead of combining flush logic into the discard case and not discard
case, have one function doing discard case. This will help later when
adding flow control logic to the do_flush_queued_data() function.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Patch a6a7005d14b3c32d4864a718fb1cb19c789f58a5 generated
broken device paths. We snprintf with a length shorter
than the output, so the last character is discarded and replaced
by the null byte. Fix it up by snprintf to a buffer
which is larger by 1 byte and then memcpy the data (without
the null byte) to where we need it.
Reported-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The initialisation for generic ports and console ports is similar.
Factor out the parts that are the same in a different function that can
be called from each of the initfns.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
When reading cp0_count from a timer with a late trigger that should
already have expired, expire it and raise the timer irq.
This makes it possible for guest code (e.g, Linux) that first read
cp0_count, then compare it with cp0_compare and check for raised
timer interrupt lines to run reliably.
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Reorganize for future patches, no functional change.
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Linux kernel started to use the SM501 2D engine for the console, and
especially the copyrect operation.
Implement this operation so that recent kernels can be used with QEMU.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Expose no_hotplug attribute via I/O port, so ACPI BIOS can indicate
removability status to guest OS.
An updated seabios is required to make use of this feature (seabios.git
commit ID 3c241edf3d7ef29c21).
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Tested-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The USB keyboard emulation's translation table in hw/usb-hid.c doesn't
match the codes actually sent for the Logo (a.k.a. "Windows") or Menu
keys. This results in the guest OS not being able to receive these keys
at all when the USB keyboard emulation is being used.
In particular, both the keymap in /usr/share/kvm/keymaps/modifiers and
the evdev table in x_keymap.c map these keys to 0xdb, 0xdc, and 0xdd,
while usb_hid_usage_keys[] seems to be expecting them to be mapped to
0x7d, 0x7e, and 0x7f.
The attached patch seems to fix the problem, at least in my (limited)
testing.
http://bugs.debian.org/578846http://bugs.debian.org/600593 (cloned from the above against different pkg)
https://bugs.launchpad.net/qemu/+bug/584139
Signed-Off-By: Brad Jorsch <anomie@users.sourceforge.net>
Signed-Off-By: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
lsi_ram_read*() and lsi_ram_write*() are not consistent, one uses
leXX_to_cpu() the other uses nothing. As the comment above the RAM
declaration says: "Script ram is stored as 32-bit words in host
byteorder.", remove the leXX_to_cpu() calls.
This fixes the boot of an ARM versatile machine on MIPS and PowerPC
hosts.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Board id can't be written with stl_phys() as it's read-only part of
memory. Use stl_p() on the memory buffer instead.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Fix a buffer overflow, reported by cppcheck:
[/src/qemu/hw/ppc405_uc.c:72]: (error) Buffer access out-of-bounds: bd.bi_s_version
The use of field bi_s_version seems to be a typo, it should be
bi_r_version.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Fix a buffer overflow, reported by cppcheck:
[/src/qemu/hw/lan9118.c:849]: (error) Buffer access out-of-bounds: s.eeprom
All eeprom handling code assumes that the size of eeprom is 128,
except lan9118_eeprom_cmd. Fix this by restricting the address passed.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The current default of 16 buffers for the control vq is too small. We
can get more entries in there, for example when asking the guest to add
max. allowed ports.
Note: a more robust solution would involve some kind of event queueing
in host to guarantee no event loss. Added a TODO to look into
this later.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
This patch rewrites the firmware path code to use the physical port
location tracking just added to the qemu usb core. It also fixes the
port numbering to start with "1" in the firmware path.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This allows to explictily set the physical port where you want to
plug the usb device. Example:
-device usb-tablet,bus=usb.0,port=2
With explicit port addressing qemu can and will not automagically add
USB Hubs. This means that:
(a) You can plug two devices of your choice into the two uhci
root ports.
(b) If you want plug in more that two devices you have to care
about adding a hub yourself.
Plugging a hub works this way:
-device usb-hub,bus=usb.0,port=1
Use this to add a device to the hub:
-device usb-tablet,bus=usb.0,port=1.1
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add a path string to USBPort. Add usb_port_location() function to set
the physical location of the usb port. Update all drivers implementing
usb ports to call it. Update the monitor commands to print it. Wind it
up in qdev.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The scsi layer may return us more data than the guests wants to have.
Handle this by just ignoring the extra bytes and calling the
{read,write}_data callback to finish the request.
Seen happening in real life with some extended inquiry command.
With this patch applied the linux kernel stops reseting the device
once at boot.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Change usb_msd_send_status() to take a pointer to the status packet
instead of writing the status to s->usb_buf which might not point
to the correct location.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add high speed support to the usb mass storage device. With this patch
applied the linux kernel recognises the usb storage device as highspeed
capable device and suggests to connect it to a highspeed port instead of
the uhci. Tested with both uhci and (not-yet submitted) ehci.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add support for device_qualifier and other_speed_config descriptors.
These are used to query the "other speed" configuration of usb 2.0
devices, i.e. in high-speed mode they return the full-speed
configuration and visa versa.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add usb_desc_attach() which sets up the device according to the speed
the usb port is able to handle. This function can be hooked into the
handle_attach callback.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add handle_attach() callback to USBDeviceInfo which is called by the
generic package handler when the device is attached to the usb bus
(i.e. plugged into a port).
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
It would be nice to have some way to signal our hid devices support
remote wakeup. There is a descriptor bit for that of course. Problem
with using is one is that older qemu versions used to set the bit even
though they did *not* support remote wakeup. Bummer.
This patch changes the serial number of our hid devices from "1" to "42"
to signal "it is safe to enable remote wakeup". The serial number was
choosen because it isn't used for anything and it is available in sysfs
so it is easy to match it using udev rules like this:
ACTION=="add", SUBSYSTEM=="usb", \
ATTR{product}=="QEMU USB Tablet", ATTR{serial}=="42", \
RUN+="usb_enable_autosuspend %p"
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch makes the usb hub handle remote wakeup requests from devices
properly by updating the port status register and forwarding the wakeup
to the upstream port.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add wakeup callback to port ops for remote wakeup handling.
Also add a usb_wakeup() function for devices which want
trigger a remote wakeup.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add separate detach callback to USBPortOps, split
uhci/ohci/musb/usbhub attach functions into two.
Move common code to the usb_attach() function, only
the hardware-specific bits remain in the attach/detach
callbacks.
Keep track of the port it is attached to for each usb device.
[ v3: fix tyops in usb-musb.c ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
- Don't return status from start/stop functions where it's ignored
- report errors to make debugging easier
- assert on unexpected failures
- don't disable notifiers on error so that we'll
retry when guest driver restarts
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
This patch moves setting and clearing the remote_wakeup feature
bit (via USB_REQ_{SET,CLEAR}_FEATURE) to common code. Also
USB_REQ_GET_STATUS handling is moved to common code.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch adds fields to the USBDevice struct for the current
speed (hard-wired to full speed for now) and current device
configuration. Also a init function is added which inializes
these fields. This allows USB_REQ_{GET,SET}_CONFIGURATION
handling to be moved to common code.
For most drivers the conversion is trivial ad they support a single
configuration only anyway. One exception is bluetooth where some
device-specific setup code runs after get/set configuration. The
other is usb-net which actually has two configurations so the
the code to check for the active configuration has been adapted.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Switch the usb hub driver over to the
new descriptor infrastructure.
It also removes the nr_ports variable and MAX_PORTS define and
introduces a NUM_PORTS define instead. The numver of ports was
(and still is) fixed at 8 anyway.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
